General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 320 Views
  • 0 replies
  • 0 Likes

Bundle CA cert with Captive Portal cert?

Just bought a cert from Thawte and am trying to make use of it for captive portal redirects.  I've run into an issue in that, while the unit can import the host certificate fine, none of the captive portal client's recognize it as it's been signed by

...

rahmant by Not applicable
  • 2823 Views
  • 2 replies
  • 0 Likes

Resolved! How to setup Captive Portal for Macs and Linux

Hi,

I'm having trouble setting up Captive Portal for our Macs and Linux users.

We have a PA-500 running 3.1.5, with Active-Directory, which is working fine for user authentication.

I've tried setting up a Captive Portal for the remaining users (so we ca

...

lhank by L0 Member
  • 4680 Views
  • 2 replies
  • 0 Likes

Multiple WAN interfaces

Currently going through a ISP change.  We have the luxury of having both WAN links up so we don't have to do a hot cut.  I'm trying to figure out how this can be achieved.  The set up needs to route requests back out the interface on which they were

...

Resolved! HA config

Did I unstand it right, that the PaloAlto firewalls doesn't need virtual and self-ip-addresses for HA?

I just watched the HA config video, but there was no part for configuring the layer 3 interfaces for HA. At the moment we use checkpoint firewalls a

...

gzauner by L0 Member
  • 3484 Views
  • 3 replies
  • 0 Likes

Resolved! Citrix Session Reliability - port 2598 tcp

I have a policy that allows traffic to my Citrix server using application objects Citrix, Citrix-jedi, web-browsing, and ssl. The Citrix object includes 2598 tcp (session reliability) as a standard port. I originally had service set to application-de

...

Data Filter Custom Report: No way to filter by File Name?

I am trying to create a Custom Report to show all Executables coming in and out of PA.  We do have a few .EXE files that are allowed to run through the network.  Is there no way to exclude these from the report by file name?

For example...

File Name !=

...

jambulo by L4 Transporter
  • 2555 Views
  • 2 replies
  • 0 Likes

Recording User in Logs

This should be an easy one.  Just looking for confirmation.

The only way to get user information in traffic/url/threat logs is to a) use the PAN User Agent to query AD/WMI or b) setup a caputive portal.  Is this correct?

We have a WPA2 wireless network

...

Resolved! Multiple Userid Agents

It is possible to add multiple userid agents (AD in my case) which serve a single domain to my PAN4020 for the purposes of redundancy?

Justin

forfarj by L1 Bithead
  • 3508 Views
  • 2 replies
  • 0 Likes

PA-500 problem with ISA Proxy Server

Dear,

We have the question concerning using Palo Alto with Microsoft ISA Server.We have implementation of a Palo Alto in the network where Microsoft ISA Server is used as proxy (8080 port). We installed PA in network as Virtual Wire so we don't distu

...

Resolved! Blackberry?

I may be wanting to setup a BES behing our PAN on the LAN.

Is there any more to it than creating an inbound security and NAT policy, and specifying the application as Blackberry with the service "application defaults" please?

Thanks all.

VASCO supported ?

Hi all,

Anyone know if Palo Alto 2050 support two-factor authentication via VASCO or not ?

Many thanks,

warut by Not applicable
  • 2145 Views
  • 1 replies
  • 0 Likes

Problem in receiving email

Hi,

I face a problem with the smtp app. currently my PA500 do not set any deny action.

However, I facing a huge delay when receive the email through the SMTP. Sometimes, the can receive the email and need to replace the PAN to other firewall or router.

...

jeffhooi by Not applicable
  • 2368 Views
  • 2 replies
  • 0 Likes

Microsoft releases Security Bulletins for November

Today, as part of its monthly Security Bulletin Release, Microsoft released 3 Security Bulletins (1 critical, 2 important).

http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx

We will be initiating coverage for corresponding vulnerabiliti

...

  • 23824 Posts
  • 112 Subscriptions
Top Liked Authors
Labels